Denial of Service in IBM Lotus Notes Traveler Affects Data Syncing
CVE-2009-5034

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes Traveler
Vendor: CVE Published:; 16 December 2010

Summary

IBM Lotus Notes Traveler versions prior to 8.5.0.2 are susceptible to a denial of service (DoS) vulnerability that can be exploited by remote authenticated users. The issue arises when a user attempts to sync a large amount of data, triggering the creation of multiple processes. This happens while the initial process is still handling the ongoing data, leading to excessive memory consumption and subsequently causing the daemon to crash. This vulnerability emphasizes the need for timely software updates to mitigate potential disruptions in service.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/64741

vdb-entryx_refsource_XF

http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?docum...

x_refsource_CONFIRM

http://www-1.ibm.com/support/docview.wss?uid=swg1LO41707

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Dec 16, 2010
Vulnerability Reserved
Dec 16, 2010